Thailand Pegasus Spyware NSO Group on Phones Activists

In Thailand, Pegasus spyware has been found on the phones of 30 activists involved in protests. It shows studies from Amnesty International and two other organizations. This is the first time that this spyware was discovered in the country.

The Thai civil society organization iLaw, Digital Reach and Amnesty’s Citizen Lab co-published the report Smiling parasite: Pegasus spyware targets dissidents in Thailand from. It shows that 30 phones were infected with the malicious software between 2020 and 2021. The phones belonged to prominent people who led mass protests for democracy. Together with human rights defenders and academics, they called for radical political and economic reforms.

These findings follow alarming reports Apple sent to many Thai activists that they had been targeted by spyware in November 2021. Amnesty’s Security Laboratory independently confirmed five of the cases through forensic analyzes.

Monitoring in more and more countries

“We can now officially add Thailand to the growing list of countries where people who peacefully ask for change, express opinions or discuss government policies are being hit by aggressive surveillance,” Amnesty International’s Etienne Maynier said. “This takes a heavy toll on their freedom of speech, privacy and sense of security. The scope of this surveillance may be greater and more damaging than is currently known.”

According to the report, Pegasus spyware was found on the phones of, among others, Arnon Nampa, Benja Apan and Panusaya Sithijirawattanakul, also known as Rung. Time and time again, they have been wrongfully accused by the authorities of peacefully exercising their right of assembly and freedom of expression.

Authorities do not contact these protesters, academics and human rights defenders, but use surveillance to harass, intimidate and attack them. With that, they are trying to break them and give a message to the community. These new revelations are a shocking example of how authorities can bow to stifle peaceful criticism.

Moratorium required

NSO Group, the company behind Pegasus, claims that it only sells products to state intelligence services and law enforcement agencies. States have binding obligations under international law not only to respect human rights but also to protect them from abuse by third parties, including private companies.

Amnesty International continues to push for a global moratorium on the sale, transmission and use of spyware until legitimate human rights guarantees are in place for its use.

Amnesty’s call

The Thai authorities must promptly launch an independent inquiry into the use of Pegasus spyware and take the necessary steps to create a secure environment for community involvement. This means that there must be changes in the legislation that enable state surveillance, including the Computer Crime Act, the Cyber ​​Security Act and the National Intelligence Act. These laws must be brought into line with international human rights law. Security measures must also be put in place to protect the right to privacy and freedom of expression, freedom of association and peaceful assembly.


The new report came out a year after the unveiling of the Pegasus project. It revealed how governments around the world used the NSO group’s invasive Pegasus spyware to illegally keep human rights activists, political leaders, journalists and lawyers under surveillance. The lack of a global moratorium on the sale of spyware allows the surveillance industry to continue unchecked.

Following repeated calls to regulate the surveillance industry, some steps have been taken in the right direction, but governments have not yet taken adequate action.

The Pegasus project was a collaboration between journalists from 17 media organizations in 10 countries, coordinated by Forbidden Stories. Amnesty International’s security lab used advanced digital forensic tests and investigative methods to confirm evidence of having infected dozens of telephones around the world.

In the past year, Security Lab discovered new cases of Pegasus spyware in Western Sahara and Poland. In addition, the Security Lab has independently confirmed several additional cases where Pegasus was still being used to illegally attack people, including in El Salvador, Israel and the Occupied Palestinian Territories, Poland and Spain.

Leave a Comment